POWERFUL PROTECTION FOR ENTERPRISE

ESET PROTECT Enterprise

Cyber risk management and visibility into your IT environment. Stay one step ahead of any known or unknown threats.

Leave us your contact details to receive an offer tailored for your company's needs.

Comprehensive security solution for all business sizes 

Endpoint detection & response

Get complete prevention, detection and remediation solution

Enhanced endpoint visibility, threat hunting and incident response tool designed to mitigate any security issue in the network immediately.

Cloud sandbox

Prevent zero-day threats

Improved protection against ransomware and zero-day threats via cloud-based sandboxing technology.

Robust encryption

Protect business data

Helps you comply with data regulations, thanks to full disk encryption capabilities on Windows and macOS.

Leading-edge protection

Shield company in real time

Unique behaviour and reputation-based detection that is fully transparent to security teams, and provides them with real-time feedback gathered from over 110 million endpoints in our LiveGrid®.

ESET PROTECT Enterprise

Powerful malware, exploit and ransomware prevention augmented by ESET EDR and Cloud Sandbox Analysis. Integrated and managed from a single pane of glass to provide full visibility into your network.

Cloud-Based Console

Includes ESET PROTECT

Single-pane-of-glass remote management for visibility of threats, users and quarantined items.
Available as cloud or on-premises.
Learn more

Endpoint Protection

Includes ESET Endpoint Security

Advanced multilayered protection for computers, smartphones and virtual machines. Learn more

File Server Security

Includes ESET File Security

Real-time protection for your company’s data passing through all general servers. Learn more

Full Disk Encryption

Includes ESET Full Disk Encryption

Robust encryption solution for system disks, partitions or entire devices to achieve legal compliance. Learn more

Cloud Sandbox

Includes ESET Dynamic Threat Defense

Proactive protection against zero-day threats, that analyses suspicious samples in an isolated cloud sandbox environment. Learn more

Endpoint Detection & Response

Includes ESET Enterprise Inspector

Highly customisable EDR enables identification of anomalous behaviour and further investigation with subsequent response capabilities to incidents and breaches. Learn more

*manageable only via on-premises ESET PROTECT console

Cloud-Based Console

Includes ESET PROTECT

Single-pane-of-glass remote management for visibility of threats, users and quarantined items.
Available as cloud or on-premises.
Learn more

Endpoint Protection

Includes ESET Endpoint Security

Advanced multilayered protection for computers, smartphones and virtual machines. Learn more

File Server Security

Includes ESET File Security

Real-time protection for your company’s data passing through all general servers. Learn more

Full Disk Encryption

Includes ESET Full Disk Encryption

Robust encryption solution for system disks, partitions or entire devices to achieve legal compliance. Learn more

Cloud Sandbox

Includes ESET Dynamic Threat Defense

Proactive protection against zero-day threats, that analyses suspicious samples in an isolated cloud sandbox environment. Learn more

Endpoint Detection & Response

Includes ESET Enterprise Inspector

Highly customisable EDR enables identification of anomalous behaviour and further investigation with subsequent response capabilities to incidents and breaches. Learn more

*manageable only via on-premises ESET PROTECT console

Manage your endpoints wherever you are

Experience ESET PROTECT console's full potential right now.
No need for installation or setup.

Single-click management

Actions such as 'create an exclusion', 'submit files for further analysis' or 'initiate a scan' are available within a single click.

Advanced reports

ESET PROTECT platform provides over 170 built-in reports and allows you to create custom reports from over 1000 data points.

Custom notifications

Use predefined notifications or create your own. The notification system features a full 'what you see is what you get' editor.

Public API

ESET Enterprise Inspector features an API that allows effective integration with tools such as SIEM, SOAR, ticketing tools and many others.

What IT pros are saying

"Runs better than ANY other AV I have EVER used, blocks the issues before the user can attempt to use the questionable files."

Read full review

"I enjoy the continuous protection, automatic updates, and small size of this program in comparison to other options."

Read full review

"The things I enjoy most about their products is how light they run on my clients' systems and how easy they are to manage and configure."

Read full review
ESET Endpoint Security is a leader in Small-Business Endpoint Protection Suites on G2

Based on customer reviews, through G2 Crowd surveys that asked ESET business customers to rate their experiences using ESET Endpoint Security.

Get started

Request customised offer

ESET PROTECT Enterprise

Cyber risk management and visibility into your IT environment, managed from a single‑pane‑of‑glass on‑premise console.

  • Endpoint Protection Platform
  • File Server Security
  • Cloud Sandbox
  • Full Disk Encryption
  • Endpoint Detection & Response

Leave us your contact details to receive an offer tailored for your company's needs.

Try before you buy

Try out the ESET PROTECT platform in action

  • One-click access to interactive demo
  • No installation needed
  • Experience cloud management first-hand
ESET Cloud Administrator image

Full 30-day free trial

  • Try full license, no commitment
  • Install and deploy our protection solutions
  • Experience light footprint on your systems
Mitsubishi logo

protected by ESET since 2017
more than 9,000 endpoints

Greenpeace logo

protected by ESET since 2016
more than 4,000 mailboxes

Canon MJ Group logo

protected by ESET since 2016
more than 14,000 endpoints

T-Com logo

ISP security partner since 2008
2 million customer base

System requirements and licence information

ESET PROTECT Enterprise

Supported operating systems

For computers

  • Microsoft Windows 10, 8.1, 8, 7
  • macOS 10.12 and later
  • Ubuntu Desktop 18.04 LTS 64-bit and RedHat Enterprise Linux (RHEL) Desktop 7 64-bit

For smartphones and tablets

  • Android 5 (Lollipop) and later
  • iOS 8 and later

For file servers

  • Microsoft Windows Server 2019, 2016, 2012, 2008
  • Microsoft Windows Storage Server 2016, 2012, 2008
  • Microsoft Windows MultiPoint Server 2012, 2011, 2010
  • Microsoft Windows Small Business Server 2011
  • RedHat Enterprise Linux (RHEL) 7, 8
  • CentOS 7, 8
  • Ubuntu Server 16.04 LTS, 18.04 LTS, 20.04 LTS
  • Debian 9, 10
  • SUSE Linux Enterprise Server (SLES) 12, 15
  • Oracle Linux 8
  • Amazon Linux 2

For virtual environments

  • VMware vSphere 6.0, 6.5+, 6.7+ (vCenter Single Sign-On, vSphere Client/Web Client, vCenter Server, vCenter Inventory Service)
  • VMware NSX Manager 6.3+, 6.4.0, 6.4.1, 6.4.2
  • VMware Guest Introspection 6.2.4+, 6.3+, 6.4+

Licence information

Cloud and on-premises management included

Remote management platform is available as cloud-based or on-premises deployment. No need to buy or maintain additional hardware, reducing the total cost of ownership.

Flexible licencing

Mix and match your licences as needed
ESET Unilicense covers all the bases, allowing you to mix and match endpoint protection without wasting a single licence.

Add additional devices at any time
You can purchase licences for additional computers, laptops, mobile devices and servers any time.

Transfer a licence to another computer
You can transfer a valid ESET licence to a completely new computer from the original one. In addition, you can switch from one OS to another.

Switch to a different platform at any time
It's easy to switch your protection from one platform to another at any point during the licence term, without having to purchase additional licences.

Related resources and documents

Solution overview

Download full solution overview of ESET PROTECT Enterprise.

Download PDF

Use cases

Read more about how can ESET help you to hunt threats and block them effectively.

Download use cases

Technology

In 2019, ESET was named a Gartner Peer Insights Customers' Choice for Endpoint Protection Platforms.

Learn more

Customer stories

What do our customers appreciate on ESET? Find the customer stories relevant to your industry.

Learn more

Looking for more security options?

Security Management Remote management available as cloud‑based or on‑premises deployment.

Endpoint
Protection Advanced multilayered protection for computers, smartphones and virtual machines.

File Server
Security Real-time protection for your company’s data passing through all general servers.

Full Disk
Encryption Robust encryption solution for system disks, partitions or entire devices to achieve legal compliance.

Cloud Sandbox Proactive protection against zero-day threats, that analyses suspicious samples in an isolated cloud sandbox environment.

Mail Security Blocks all spam and malware at server level, before they reach users’ mailboxes.

Cloud App Protection Advanced preventive protection for Microsoft 365 cloud email, collaboration and storage. With a dedicated console.

Endpoint Detection & Response Highly customisable EDR enables the identification of anomalous behaviour and further investigation with subsequent response capabilities to incidents and breaches.

*manageable only via on-premises ESET PROTECT console

Starting at
£141.50
for 5 devices

Starting at
£198.50
for 5 devices

Starting at
£244.00
for 5 devices

RECOMMENDED

Price available on request

Starting at
£90.50
for 5 devices

Not sure which solution is best for your business?

Are you an existing customer?

Renew today

Renew, upgrade or add devices to your existing ESET license.

Manage licences

ESET Business Account is a licence management platform for business customers.

Installation

Install your purchased protection on additional devices.

Need assistance?

All ESET products include free technical support in your language.

Security management

ESET PROTECT Console

Offered as a service that ensures real-time visibility for all endpoints, as well as full reporting and security management for all OSes

  • Cloud-based console with the option of on-premises deployment
  • Provides real-time visibility for all endpoints: desktops, servers, virtual machines and even managed mobile devices
  • Enables full reporting for ESET security solutions
  • Controls endpoint prevention, detection & response layers across all platforms
  • Connect anytime, anywhere from your favourite web browser

 

Comes automatically within all bundled solutions.

Explore features

Fully customizable notification system

From the main dashboard, an IT admin can quickly assess the situation and respond to issues. Actions such as create an exclusion, submit files for further analysis or initiate a scan are available within a single click. Exclusions can be made by threat name, URL, hash or combination.

Automation framework

Dynamic groups can sort computers based on current device status or defined inclusion criteria. Tasks can then be set up to trigger actions such as scans, policy changes or software installs / uninstalls based off dynamic group membership changes.

Dynamic and custom reporting

ESET PROTECT provides over 170 built-in reports and allows you to create custom reports from over 1000 data points. This allows organizations to create reports to look and feel exactly as they might want. Once created, reports can be set up to be generated and emailed at scheduled intervals.

Fully automated VDI support

A comprehensive hardware detection algorithm is used to determine the identity of the machine based on its hardware. This allows automated re-imaging and cloning of non-persistent hardware environments. Therefore, ESET’s VDI support requires no manual interaction and is fully automated.

Advanced RBAC

Starting with MFA-protected access, the console is equipped with an advanced Role-Based Access Control (RBAC) system. Assign admins and console users to specific network branches, groups of objects, and specify permission sets with a high degree of granularity.

Start within minutes

With a cloud console, time to protection is significantly shorter. No longer burning resources waiting for components to install, or even scheduling the installation on a server in the first place. Just open your account with ESET and add all the endpoints to be protected—it is as simple as that.

Fast troubleshooting

On the cloud console, ESET experts will be able to provide more effective support or troubleshooting if necessary—which is given by the simple fact that there will be no time wasted finding out what version you’re currently on, because you’re always on the latest one.

Always the latest features

Leave the updating of the console up to us. We’ll do it in the background, and you’ll always be on the latest version with the latest components. That way your organization will benefit from the latest features, and the admins can enjoy the most recent user experience improvements straight from our roadmap.

Lower total cost of ownership

When deciding whether to move from on-prem security console, cloud may seem expensive first. But think again—you’ll no longer need to maintain a server, and spend time with regular upgrades, patches, or restarts. Let alone server licences and backups; which makes cloud console a better deal within a short time span.

Proven and trusted over 30 years

ESET has been in the security industry for over 30 years, and we continue to evolve our technology to stay one step ahead of the newest threats. This has led us to be trusted by over 110 million users worldwide. Our technology is constantly scrutinized and validated by third-party testers who show how effective our approach is at stopping the latest threats.

MSP ready

If you’re a Managed Service Provider (MSP) taking care of your clients’ networks, you’ll appreciate the full multi-tenancy capabilities of ESET PROTECT. MSP licences are automatically detected and synced with the licensing server, and the console lets you do advanced actions such as install/remove any 3rd party application, run scripts, remote commands, list running processes, HW configurations, etc.

System requirements

Cloud deployment

  • Internet connection

Supported browsers

  • Mozilla Firefox
  • Microsoft Edge
  • Google Chrome
  • Safari
  • Opera

See detail specifications

On-premises deployment

Supported operating systems

  • Windows Server 2012, 2012 R2, 2016, 2019
  • Windows Storage Server 2012 R2, 2016
  • Microsoft SBS 2008, 2011
  • Ubuntu, RHEL Server, CentOS, SLED, SLES, OpenSUSE, Debian

See detail specifications

Deployment in Microsoft Azure

See ESET's remote management console as a virtual machine in Microsoft Azure Marketplace.


Endpoint protection

ESET Endpoint Security

Leverages a multilayered approach that utilises multiple technologies in dynamic equilibrium to constantly balance performance, detection and false positives, enabling organisations to:

  • Protect against ransomware
  • Block targeted attacks
  • Prevent data breaches
  • Stop fileless attacks
  • Detect advanced persistent threats
  • Ensure mobile protection and MDM

Explore features

Managed from a unified console

All ESET endpoints, including endpoints and mobiles, can be managed from our cloud-based unified management console ESET PROTECT.

Stop fileless attacks

ESET endpoint protection platforms have mitigations in place to detect malformed or hijacked applications to protect against fileless attacks. Dedicated scanners were also created to constantly check memory for anything suspicious.

Block targeted attacks

ESET’s endpoint protection solutions use threat intelligence information based on their global presence to prioritize and effectively block the newest threats prior to their delivery anywhere else in the world. In addition, our solutions feature cloud-based updating to respond quickly in the case of a missed detection without having to wait for a regular update.

Safeguard the web browser

Designed to protect an organization’s assets with a special layer of protection that focuses on the browser, as the main tool used to access critical data inside the intranet perimeter and in the cloud. Secure Browser provides enhanced memory protection for the browser process, coupled with keyboard protection, and lets admins add URLs to be protected by it.

Network Attack Protection

ESET Network Attack Protection improves detection of known vulnerabilities on the network level.

Botnet Protection

ESET Botnet Protection detects malicious communication used by botnets, and at the same time, identifies the offending processes. Any detected malicious communication is blocked and reported to the user.

Machine learning

All ESET Endpoint products currently use machine learning in conjunction with all of our other defense layers and have done so since 1997. Specifically, machine learning is used in the form of consolidated output and neural networks. For an in-depth inspection of the network, admins can turn on the special aggressive machine learning mode that works even without an internet connection.

In-product Sandbox

ESET’s in-product Sandbox assists in identifying the real behavior hidden underneath the surface of obfuscated malware.

Ransomware Shield

An additional layer protecting users from ransomware. Our technology monitors and evaluates all executed applications based on their behavior and reputation. It is designed to detect and block processes that resemble ransomware behavior.

Behavioral Detection - HIPS

ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a pre-defined set of rules to recognize and stop suspicious system behavior.

UEFI Scanner

ESET is the first endpoint security provider to add a dedicated layer into its solution that protects the Unified Extensible Firmware Interface (UEFI). ESET UEFI Scanner checks and enforces the preboot environment's security and is designed to monitor the integrity of the firmware. If modification is detected, it notifies the user.

Advanced Memory Scanner

ESET Advanced Memory Scanner monitors the behavior of a malicious process and scans it once it decloaks in memory. Fileless malware operates without needing persistent components in the file system that can be detected conventionally. Only memory scanning can successfully discover and stop such malicious attacks.

Exploit Blocker

ESET Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java and more), and instead of just aiming at particular CVE identifiers, it focuses on exploitation techniques. When triggered, the threat is blocked immediately on the machine.

How does ESET Endpoint Security work?

ESET uses multilayered technologies to go far beyond the capabilities of basic antivirus. See various core ESET technologies and an approximation of when and how they can detect and/or block a threat during its lifecycle in the system.

System requirements

File server security

ESET File Security

Provides advanced protection for your company’s data passing through all general servers, network file storage including OneDrive, and multi-purpose servers to ensure business continuity. Keep your sensitive data secure.

  • Ransomware prevention
  • Zero-day threats detection
  • Data breaches prevention
  • Botnet protection

Explore features

Machine learning

All ESET products currently use machine learning in conjunction with all of our other defense layers and have done so since 1997. Specifically, machine learning is used in the form of consolidated output and neural networks.

Behavioural Detection - HIPS

ESET's Host-based Intrusion Prevention System (HIPS) monitors system activity and uses a pre-defined set of rules to recognise and stop suspicious system behaviour.

Ransomware Shield

An additional layer protecting users from ransomware. Our technology monitors and evaluates all executed applications based on their behavior and reputation. It is designed to detect and block processes that resemble the behaviour of ransomware.

Advanced Memory Scanner

ESET Advanced Memory Scanner monitors the behavior of a malicious process and scans it once it decloaks in memory. Fileless malware operates without needing persistent components in the file system that can be detected conventionally. Only memory scanning can successfully discover and stop such malicious attacks.

Network Attack Protection

ESET Network Attack Protection improves detection of known vulnerabilities on the network level. It constitutes another important layer of protection against spreading malware, network-conducted attacks, and exploitation of vulnerabilities, for which a patch has not yet been released or deployed.

Protection for Linux servers

ESET provides installers for the most popular distributions of Unix-based systems, including the ‘Ready’ variations of RedHat and SuSE that comply with the File-System-Hierarchy standard. It requires no external libraries except for LIBC.

Botnet Protection

ESET Botnet Protection detects malicious communication used by botnets, and at the same time, identifies the offending processes. Any detected malicious communication is blocked and reported to the user.

Office 365 OneDrive Storage

After registration is done on a single server, ESET has the ability to scan OneDrive to provide visibility and monitor the trusted source of company storage.

Optional Cloud Sandbox Analysis

ESET Dynamic Threat Defense provides another layer of security for ESET File Security solutions by utilizing cloud-based sandboxing technology to detect new, never before seen type of threats.

AMSI/Protected Service Support

ESET products leverage the Antimalware Scan Interface (AMSI) to provide enhanced malware protection for users, data, applications, and workload. In addition, it utilizes the protected service interface that is a new security module built into Windows that only allows trusted, signed code to load and better protect against code injection attacks.

Exploit Blocker

ESET Exploit Blocker monitors typically exploitable applications (browsers, document readers, email clients, Flash, Java and more), and instead of just aiming at particular CVE identifiers, it focuses on exploitation techniques. When triggered, the threat is blocked immediately on the machine.

In-product Sandbox

ESET’s in-product Sandbox assists in identifying the real behavior hidden underneath the surface of obfuscated malware.

System requirements

Supported Windows operating systems

  • Microsoft Windows Server 2019, 2016, 2012, 2008R2, 2008 SP2
  • Microsoft Windows Server Core 2016, 2012, 2008R2, 2008
  • Microsoft Small Business Server 2011, 2008

Included products

  • ESET File Security for Microsoft Windows Server
  • ESET File Security for Linux
  • ESET File Security for Microsoft Azure

Requirements for ESET File Security for Linux

  • RedHat Enterprise Linux (RHEL) 7 64-bit
  • CentOS 7 64-bit
  • Ubuntu Server 16.04 LTS 64-bit, 18.04 LTS 64-bit
  • Debian 9 64-bit
  • SUSE Linux Enterprise Server (SLES) 12 64-bit, 15 64-bit
  • Glibc Library 2.12 or higher
  • Linux Kernel 2.6.32 or higher
Identity & data protection

ESET Full Disk Encryption

A powerful encryption managed natively by ESET remote management console. It increases your organisation's data security to meet compliance regulations.

  • Encrypt system disks, partitions or entire drives
  • Manage from ESET PROTECT Console
  • Deploy, activate and encrypt devices in a single action

Explore features

All products managed from one console

ESET Full Disk Encryption works within the ESET PROTECT console, helping administrators to save time thanks to familiarity with the existing management environment and concepts.

Fully validated

Patented technology to protect data for businesses of all sizes. ESET Full Disk Encryption is FIPS 140-2 validated with 256 bit AES encryption.

Powerful encryption

ESET Full Disk Encryption encrypts system disks, partitions and entire drives to ensure that everything stored on each PC or laptop is locked down and secure, protecting you against loss or theft.

Cross-platform coverage

Manage encryption on Windows machines and native macOS encryption (FileVault) from a single dashboard.

Add additional devices at any time

You can increase the number of devices covered by your license at any time.

Single-click deployment

Manage full disk encryption across your entire network from a cloud‑based console. ESET PROTECT single pane of glass allows admins to deploy, activate and manage encryption on their connected endpoints with a single click.

Password policies

Admin can set mandatory password attributes, number of passwords retries, and expiry period. From a policy setting it is possible to grant a user the option to change their password whenever they want to.

System requirements

Supported operating systems:

  • Microsoft Windows 7, 8, 8.1, 10
  • macOS 10.14 (Mojave) and higher

Requirements

  • deployed ESET PROTECT console in cloud or on-premises
Cloud sandbox analysis

ESET Dynamic Threat Defense

Provides another layer of security for ESET offerings like Mail Security and Endpoint products by utilising cloud-based sandboxing technology to detect new, never-before-seen type of threats. Future-proof your company IT security with:

  • Behaviour-based detection
  • Machine learning
  • Zero-day threats Detection
  • Ransomware prevention

Explore features

Ransomware and zero-day threats detection

Detect new, never-before-seen types of threats. ESET utilizes three different machine learning models once a file is submitted. After that, it runs the sample through a full sandbox, simulating user behavior to trick anti-evasive techniques. Next, a deep learning neural network is used to compare the behavior seen versus historical behavioral data. Finally, the latest version of ESET's scanning engine is used to take everything apart and analyze it for anything unusual.

Granular reports

An admin can create a report of ESET Dynamic Threat Defense data in the ESET PROTECT console. They can either use one of the pre-defined reports or make a custom one.

Transparent full visibility

Every analyzed sample status is visible in the ESET PROTECT console, which provides transparency to all data sent to ESET LiveGrid®.

Automatic protection

The endpoint or server product automatically decides whether a sample is good, bad or unknown. If the sample is unknown, it is sent to ESET Dynamic Threat Defense for analysis. Once the analysis is finished, the result is shared, and the endpoint products respond accordingly.

Mail Security protection

Not only does ESET Dynamic Threat Defense work with files, but it also works directly with ESET Mail Security, to ensure that malicious emails are not delivered to your organization.

Mobility

Nowadays, employees often do not work on the premises. The Cloud Sandbox analyzes files no matter where users are.

Proactive protection

If a simple is found suspicious, it is blocked from execution while ESET Dynamic Threat Defense analyzes it. That way, potential threats are prevented from wreaking havoc on the system.

Tailored customization

ESET allows per-computer detailed policy configuration for ESET Dynamic Threat Defense so the admin can control what is sent and what should happen based on the receiving result.

Manual submission

At any time, a user or admin can submit samples via an ESET compatible product for analysis and get the full result. Admins will see who sent what and what the result was directly in the ESET PROTECT console.

How does ESET Dynamic Threat Defense work?

Within Dynamic Threat Defense, ESET utilizes 3 different machine learning models once a file is submitted. After that, it runs the sample through a full sandbox which simulates user behavior to trick anti-evasive techniques. Next, a deep learning neural network is used to compare the behavior seen versus historical behavioral data. Last but not least, the latest version of ESET’s scanning engine is used to take everything apart and analyzed for anything unusual.

System requirements

  • A working ESET Business Account or ESET MSP Administrator account synchronized with a ESET management console
  • ESET PROTECT cloud or on-premises console deployed
  • Version 7.x of compatible ESET security products installed or newer
  • A Valid licence for ESET Dynamic Threat Defense or bundled solution licence with Cloud Sandbox component included
  • Activated Security products with ESET Dynamic Threat Defense Licence
  • ESET Dynamic Threat Defense enabled in policies for compatible Security products
  • Network requirements on opened ports
Endpoint detection & response

ESET Enterprise Inspector

Endpoint Detection and Response tool from ESET enables continuous comprehensive monitoring of real-time endpoint activity, in-depth analysis of suspicious processes and immediate response to incidents and breaches. Paired with ESET Endpoint Protection Platform, ESET Enterprise Inspector is a complete prevention, detection and remediation solution to:

  • Detect advanced persistent threats
  • Stop fileless attacks
  • Block zero-day threats
  • Protect against ransomware
  • Prevent company policy violation

Explore features

Public API

ESET Enterprise Inspector features an API that enables accessing and exporting of detections and their remediation to allow effective integration with tools such as SIEM, SOAR, ticketing tools and many others.

Multiplatform coverage

ESET Enterprise Inspector supports Windows and macOS, which makes it a perfect choice for multiplatform environments

Remote access

ESET Enterprise Inspector features remote PowerShell capabilities that allow Security Engineers to remotely inspect and configure their organization’s computers, so a sophisticated response can be achieved without breaking the user’s workflow.

Threat Hunting

Apply data filters to sort it based on file popularity, reputation, digital signature, behavior or contextual information. Setting up multiple filters allows automated, easy threat hunting, including APTs and targeted attacks, which is customizable to each company’s environment. By adjusting behavior rules, ESET Enterprise Inspector can also be customized for Historic Threat Hunting and “rescan” the entire events database.

One-click isolation

Define network access policies to quickly stop malware’s lateral movements. Isolate a compromised device from the network by just one click in the ESET Enterprise Inspector interface. Also, easily remove the devices from the containment state.

Open architecture & integrations

ESET Enterprise Inspector provides a unique behavior and reputation-based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning or easily created to match the needs of specific enterprise environments, including SIEM integrations.

MITRE ATT&CK™

ESET Enterprise Inspector references its detections to the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework, which in one click provides you with comprehensive information even about the most complex threats.

Investigation and Remediation

Use a built-in set of rules or create your own rules to respond to detected incidents. Each triggered alarm features a proposed next step to be performed for remediation. This quick response functionality helps to ensure that any single incident will not fall through the cracks.

Anomaly and behavior detection

Check actions carried out by an executable and utilize ESET’s LiveGrid® Reputation system to quickly assess if executed processes are safe or suspicious. Monitoring anomalous user-related incidents are possible due to specific rules written to be triggered by behavior, not simple malware or signature detections. Grouping of computers by user or department allows security teams to identify if the user is entitled to perform a specific action or not.

Company Policy Violation Detection

Block malicious modules from being executed on any computer in your organization’s network. ESET Enterprise Inspector’s open architecture offers the flexibility to detect violations of policies about using specific software like torrent applications, cloud storage, tor browsing or other unwanted software.

Tagging

Assign and unassign tags for fast filtering to EEI objects such as computers, alarms, exclusions, tasks, executables, processes and scripts. Tags are shared among users, and once created, they can be assigned within seconds.

Scoring

Prioritize the severity of alarms with scoring functionality that attributes a severity value to incidents and allows the admin to quickly identify computers with a higher probability of a potential incident.

Multiple Indicators of compromise

View and block modules based on over 30 different indicators, including hash, registry modifications, file modifications and network connections.

Data collection

View comprehensive data about a newly executed module, including time of execution, user who executed, dwell time and attacked devices. All data is locally stored to prevent sensitive data leakage.